.NET Decompilation Tools Show & Tell (PowerUp)

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
hi everyone long time no see and welcome to another video and today we're going to be talking about a tool that i made to sort of show you the different types of the comparative tools that you can use in your projects to be able to decompile c-sharp decompile.net in general and use sort of other things to to decompile stuff so if you know a bit about me and was involved in making a lot of like compilers are surprising infographics on my webpage and i post them on twitter and various like places as well and one of the things that i'm using to to be able to do those is the tools that i've sort of written for myself so anytime you sort of want to have a good for example like the compilation output the thing that you can sort of use is a primary tool is sharp lab and i was using charcoal as well so as you can see there's this web page with char club and what you can do is you can sort of have some code and it will sort of you know give you your assembly output plus it can do like a lot of different things right so as you can tell it generated an assembly output and i was using this tool to make one of my first infographics and this is a really good tool because it's an online tool it's it has a lot of features and whatnot but today i wanted to sort of talk to you about my own tool because my own tool is sort of working almost in the same fashion as sharp club the only difference is that this is an offline tool and it's one of its biggest weaknesses and strengths because if you're doing a lecture anytime you're using something like you know a web-based tool it's the chances are something's going to happen websites are going to crash you're gonna have a slow down and it's not gonna work so that's why i sort of did my own and i wanted to sort of have much more features and the features should be driven in in this sort of fashion where what we're gonna do is we're gonna uh have it be a lecturer tour first and everything else second so all of the features are sort of centered around that and let me show you what i mean really right so let's go here and let's sort of start the tool and we're gonna pass some commands and it's gonna sort of uh run the c sharp the compiler it's gonna actually run a gold decompile as well because uh it supports multiple languages right but what i mean by like having this tool to be able to do like lecturing right so you don't need to even type a class you don't need to do anything else with this tool each time you sort of just write a piece of code it doesn't have to be private public whatever each time you run a function it's gonna display stuff on the screen right so that's the first change that um is different than the sharp plot i guess right the second thing is that um whatever you sort of um trying to do something it has shorthands for a lot of different things right so like again no usings no nothing it will just do implicit using using if you need some usings that they this tool doesn't have you can so of course type using xyz and it's gonna work right but uh regardless this is a tool to be able to sort of show you how um stuff decompiles and how to sort of reason about it as well because we have certain attributes but let me show you a bit a complicated function so let's just say that i'm gonna have a bunch of like you know these simple things in this method and i'm gonna type it in and let me return x and as you can tell it will do like instruction counts and it's gonna compute the code size and all of that good stuff right but we can do a bit more with this so what we can do is we can have custom attributes that will do various things so for example one of the attributes is like show asm docs and now as you can tell it will sort of show you um roughly speaking what happens at high levels so you know that this is an assignment this is a plus plus operator this is a return and all of that stuff is going to be sort of highlighted here as well so you can now like configure it a bit you can you can set the offset to like 50 for example and offset that's why it didn't work uh let's do it like 30 ish right 35 it's going to be a good metric so now as you can see it's like neatly sort of this pipe right um what else we can do here so what we can do here is if we say that for example if x is equals to one then let's return one then as you can tell it's gonna it's gonna do like the this sort of jump here and the jump is going to be sort of followed by a if statement and that if my if statement is gonna be present in the code here as well and you can do another thing which is pretty cool um you can have another attribute saying like show guides and if we are gonna show guides then as you can see right now it will sort of draw these handy sort of instructions which will tell you where the jump is gonna be sort of heading and what else um you're gonna get this sort of nice arrow here and like i said this is those are the features that make this tool into this sort of display right so you see a full big address maybe that's not one what you want to show because that actually takes a lot of screen space so maybe you want to format this slightly differently so you can you can do like short addresses and you can do like short it by for example two right so it's shorter uh the coring is a little bit messed up so i'm you know still working on it but if you shorten it by like four then as you can see it is better for like display purposes right i tend to leave it like it on eight because um those methods that i sort of show in these like compiler lectures or infographics don't need to be longer than like four uh characters uh in the address right so uh what's gonna happen if we sort of complicate this a little bit right so let's let's do a for loop and let's complicate this and let's see how the guide system is sort of working to help us understand what's gonna go uh how it's gonna sort of behave right and what sort of things can we sort of expect so if we're gonna do this for loop and then as you can tell we have like a fourth jump which means that we're gonna jump down this is usually an if statement it's a good practice to like leave it as an if statement and we have a backwards jump which means that probably this is a for loop because we're gonna spin around right so this is this is sort of um the presentation uh that we're sort of going in for and it's it's designed to show you what's happening in code even if you don't understand assembly code those things are all sort of like helpful to you right so that's why this tool is sort of being built to to for example do infographics around the sort of surprising things that compilers generate and the other thing is like to to do like lectures about compiler so another thing that we can sort of do if we can like do like uh another function and we're gonna call our m function with some arguments like we're gonna pass for example 10 then it's going to make a call here and we have now two functions right so if we for example want to inline these two and we don't want uh to have this call here usually there's this complicated um attribute in c-sharp where you have like method implementation method implementation options aggressive and lining or like no online right so in order to not be to not type all of this right because um you might have a typo you might not remember how to sort of call this um i've designed a bunch of like shorthand so for example we have a custom attribute called inline and it will do the same thing so now you sort of see that it's gonna inline your code here as well so inlining is is the process where you take one function and like put it in into the other function but you're gonna do some morphing and optimizations along the way so those two functions are not gonna be like then identical right this code is not going to be precisely the same but it's gonna be inline so the whole logic of one method that's going to be put into another method but optimizations and assembly instructions might be completely different so this is to sort of show you that and sometimes things will automatic in in line so you have another attribute called know in inline so this will absolutely prevent inlining so it's another thing that actually gets translated into the c sharp code and this method implementation object right so um what else can we do here so there's some interesting stuff we can do a for example an attribute called run and as you might expect a run attribute will actually run the code it will not do anything with it because there's nothing yet right but if we're gonna run the code we can actually print stuff so we have this print method now and we can do like you know printing as well so we can um let's just say that we're gonna have an x variable and we're gonna pass in the x and then we're gonna see what's the value of x and it's gonna tell us right so it's doing a bunch of trickery a bunch of like um rewriting the functions to be able to even capture that name and and whatnot but um it's sometimes useful for again presentation purposes but the most useful thing that you can sort of do here and this code and i've been using it a lot lately um is the benchmark attribute so you can have this attribute called bench and if we run it it's gonna just default the parameters and it's not gonna do a lot because it will run the method and it will sort of do a 1000 calls which is a warm-up phase and then it's just gonna do 1000 calls which is like the the measuring phase obviously um it measures in milliseconds so this takes no time at all so it takes 0 milliseconds but in order to be able to sort of see some benchmarks we can pick it so what we can do here is we can say like run count equals some big number right and if we change the run count it's still gonna be zero but the more we add the worse it's gonna become because it's not measuring the mean of the method it's measuring a tall running time of this many sort of calls right so this is a very simple benchmark uh that you can do um i have a plan to sort of exchange benchmarks and like hook up benchmark.net at some point and whatnot right but uh for now if we're doing these things with uh with assembly code and methods and we're trying to show up like um the complete dumpster fire which is some types of optimizations this benchmark is enough to be able to show all right so those were the most important features to sort of make infographics and this of course is open source it is being still under development it has no release you have to compile it from code but um there's documentation um there's guides the program will guide you if you you know like mess up the input arguments for this sort of tool and it will do a correct job hopefully if not we can always improve it right so that's one of the bits that we can do right now the other bit is um we can actually compile into multiple runtimes and we can actually compile in multiple languages so another language that we can sort of compound to is go oh and if we're sort of compiling in c sharp of course we can see il it's gonna write to this i o file as well um i i'll still need some like color coding still need some um some things because if we're gonna put in the like run attribute it's gonna actually dump all of the hidden stuff like those attributes and those benchmarks into ielts that needs to be cleaned up but um you can sort of find your method here as well and check the io right it's not very practical yet but it's going to get practical soon so this is our and like n method that's going to call the m method and this is our method so it's like for full io so that's one of the things you can you can do in c sharp you can also do uh something that's really cool and interesting but it's still being like heavily developed is that you don't need to write c sharp code specifically you can actually write il code and compile that to c sharp and compile that to decompile that to assembly code so you can do like crazy stuff like for example double boxing so you can box a reference type and see what happens so this uh this bit is to be able to do like these sort of crazy experiments because io has a lot of instructions a lot of them are and even sort of present in c sharp c sharp will never output certain instructions and it will never sort of output certain combinations of instructions although they might be valid or not sometimes they're on i didn't undentified and the competitor will still sort of take them and do something with them and you can test what sort of things will it do right so like i said i've tested like what's going to happen if we box a box type you can totally do it and it's going to do something right but um it's not going to crash i i can tell you that right so that's interesting in in some capacity so one of the things that i sort of almost missed in this video is the ability to be able to do layouts so not only you can sort of decompile methods show uh il show like a lot of things run them and benchmark them you can also do layouts so if you have a custom tab like a cluster construct it's going to show you a custom layout which is pretty useful if you're trying to sort of layout your stuff in memory because you're trying to see what the performance is going to be of that right this feature is still experimental it's still in development it sometimes crashes but um it's gonna get better over time right so let's create like a public public pass called s for example and let's do public boolean uh a and let's just save it right so as you can see it has its memory layout it's gonna post its size and it's gonna post it's like range right so if you add like an ins called b now and save it you can see that it sort of switched places so the end is first because of the um compiler packing and you can sort of do these things and check out the sizes of things so for example if you're ever wondered what's the size and sort of layouts of empty structs um so let's do like struck empty for example it's gonna be completely empty right so the size is one and you can see some interesting messaging here that the size is estimated because the way that we sort of have to estimate the struct size is we're actually putting it on the heap not on the stack because a struct can live on in registers and can live on the stack and it can actually live on the heap so it can live in a lot of places and it's difficult to judge how it's gonna sort of end up then it's just easier to box it and then do some estimation analysis and then post the size which should be mostly correct um because it follows sort of the rules of um of the compiler right so this is another feature which is really interesting it's still like early in development but you can probably still you can use this and have fun right so moving on um okay moving to go so in go um we now have this very simple sort of compiler output which the go compiler actually provides for us uh almost for free you just need to call the right tool um but it's not very sort of like printing right and it sort of crashes because it just cannot find the correct file uh but let's do like function let's try it out um let's do it like that and let's do like x plus equals one so it didn't crash this time around and as you can tell it's the go assembly output it's not x86 assembly code it's a really it's il but the go sort of intermediate representation is very close to the metal so the go compiler will not do most of the optimization so what you sort of see happening here is almost the same that you're gonna get in x86 so i didn't sort of bother yet to actually look up the correct assembly code because most of the time um it's just changing names it's not like doing you know large-scale optimization so all of the optimizations already happened so if they don't happen here the chances are they're not going to happen in x86 uh at all right but as you can tell um it still works um the code is a little bit like messy right but um we can sort of do like if x is equal to one and then let's like return one otherwise let's return x and of course we need to sort of modify this function now um to return something else but as you can tell it did its job um go has this neat feature with it's gonna map instructions to like code so um when i'm going to be sort of updating this um this go decompiler i'm gonna do certain things with it which is gonna be interesting we're gonna add guides right now there's no guides here but we're gonna do it and we're gonna sort of clean this up because we don't need all like most of this information we would just want probably to have this and maybe the header of the function and not much else right so there's some stuff to do but um we're gonna get there and in terms of architecture i guess we're gonna cover that in a separate video if we would like to see like the architecture because i tend to sort of have this different coding style than most people and you might find that interesting so that's it for this video and i hope that this tool is going to be helpful for you leave a like subscribe if you will and if there's you know if you want to see more then just type it in the comments and i'm gonna make another one where i'm gonna need to show you some like features and code and some ideas and some like design uh choices that i made some of them are correct some of them are incorrect because i just found out that some of the stuff is not not possible to do in the with the.net the compiler because i have to like change the design completely but it is what it is so thank you for watching and see you next time bye
Info
Channel: LevelUp
Views: 900
Rating: undefined out of 5
Keywords: dotnet, C#, go, decompilation
Id: EZV_9sCrptc
Channel Id: undefined
Length: 20min 44sec (1244 seconds)
Published: Wed Nov 10 2021
Related Videos
C# If Else Internals
LevelUp
2.5K
How To Speak by Patrick Winston
MIT OpenCourseWare
5.2M
C# Switch Case Internals #1
LevelUp
1.7K
I Built This From A 1972 Popular Mechanics Magazine Plan. Does It Work?
Fireball Tool
2.3M
Special Lecture: F-22 Flight Controls
MIT OpenCourseWare
2.3M
Hackers vs. Developers // CVE-2021-44228 Log4Shell
LiveOverflow
31K
Ben Folds Composes a Song LIVE for Orchestra In Only 10 Minutes
The Kennedy Center
5.7M
C# What JIT Generates? - Loop Cloning
LevelUp
933
Kubernetes Crash Course for Absolute Beginners [NEW]
TechWorld with Nana
280K
JavaScript Tutorial for Beginners: Learn JavaScript in 1 Hour
Programming with Mosh
6.1M
Solid State Batteries - Autumn 2021 mass production in Japan. Is it FINALLY happening?
Just Have a Think
1.3M
5 (Extreme) Performance Tips in C#
LevelUp
33K
C# JIT Decompilation Tips using WinDBG
LevelUp
1K
LEARN OPENCV C++ in 4 HOURS | Including 3x Projects | Computer Vision
Murtaza's Workshop - Robotics and AI
1.4M
C++20: Reaching for the Aims of C++ - Bjarne Stroustrup - CppCon 2021
CppCon
22K
Should unskilled devs be using GitHub Copilot?
Nick Chapsas
13K
Visual Basic .Net : Search in Access Database - DataGridView BindingSource Filter (Part 1/2)
iBasskung
13M
C# What JIT Generates? - Folds
LevelUp
1.2K
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.